X86 dispatch contention vulnerability

[ryacko at gmail.com (Ryan Carboni)]

Pretty embarrassing for â??Intel Insideâ?? if you ask me. Wonder how many
â??whitehatsâ?? let their findings get suppressed for money.



On Wednesday, November 14, 2018, jim bell <jdb10987 at yahoo.com> wrote:

> Sounds like a valid issue!
>
>             Jim Bell
>
> On Wednesday, November 14, 2018, 9:36:06 AM PST, Ryan Carboni <
> ryacko at gmail.com> wrote:
>
>
> While many x86 implementation vulnerabilities in the past involve either
> electromagnetic emissions or cache timing attacks, I have not read anything
> about instruction dispatch contention. According to anger fogâ??s research,
> Intelâ??s implementation of the x86 instruction set does not dispatch more
> than three of a single instruction, and it has been so for a long time.
> Irregardless of their design decisions for instruction dispatch, this
> provides a side channel in which two cooperating processes operating on the
> same core can conduct half-duplex communication at the rate of 2 bits per
> cycle by one process attempting to compete with another process for the
> same capacity for dispatches over a single instruction (0, 1, 2, 3). While
> I do not have the resources to know how x86 processors handles dispatch
> contention issues, if it is handled in a regular and non-random manner, it
> would reach that theoretical level of severity.
>
> This violates certain access controls assumed to be imposed by the kernel.
>
> I suppose I canâ??t collect my quarter million dollar prize if I publish
> this to the world?
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 2290 bytes
Desc: not available
URL: <http://lists.cpunks.org/pipermail/cypherpunks/attachments/20181114/04b085f5/attachment.txt>